Portability | unknown |
---|---|
Stability | experimental |
Maintainer | Vincent Hanquez <vincent@snarc.org> |
Safe Haskell | None |
Read/Write X509 certificate
- data X509 = X509 {}
- data SignatureALG
- data HashALG
- = HashMD2
- | HashMD5
- | HashSHA1
- | HashSHA224
- | HashSHA256
- | HashSHA384
- | HashSHA512
- data PubKeyALG
- data PubKey
- = PubKeyRSA PublicKey
- | PubKeyDSA PublicKey
- | PubKeyDH (Integer, Integer, Integer, Maybe Integer, ([Word8], Integer))
- | PubKeyECDSA ECDSA_Hash ByteString
- | PubKeyUnknown OID [Word8]
- type OID = [Integer]
- data ASN1StringType
- type ASN1String = (ASN1StringType, String)
- newtype DistinguishedName = DistinguishedName {
- getDistinguishedElements :: [(OID, ASN1String)]
- data Certificate = Certificate {
- certVersion :: Int
- certSerial :: Integer
- certSignatureAlg :: SignatureALG
- certIssuerDN :: DistinguishedName
- certSubjectDN :: DistinguishedName
- certValidity :: (Time, Time)
- certPubKey :: PubKey
- certExtensions :: Maybe [ExtensionRaw]
- module Data.Certificate.X509.Ext
- getSigningData :: X509 -> ByteString
- decodeCertificate :: ByteString -> Either String X509
- encodeCertificate :: X509 -> ByteString
- decodeDN :: ByteString -> Either String DistinguishedName
- encodeDN :: DistinguishedName -> ByteString
- hashDN :: DistinguishedName -> ByteString
- hashDN_old :: DistinguishedName -> ByteString
Data Structure
X509 | |
|
Data Structure (reexported from X509Cert)
data SignatureALG
PubKeyRSA PublicKey | RSA public key |
PubKeyDSA PublicKey | DSA public key |
PubKeyDH (Integer, Integer, Integer, Maybe Integer, ([Word8], Integer)) | DH format with (p,g,q,j,(seed,pgenCounter)) |
PubKeyECDSA ECDSA_Hash ByteString | ECDSA format not done yet FIXME |
PubKeyUnknown OID [Word8] | unrecognized format |
data ASN1StringType
type ASN1String = (ASN1StringType, String)
newtype DistinguishedName
data Certificate
Certificate | |
|
module Data.Certificate.X509.Ext
helper for signing/verifying a certificate
getSigningData :: X509 -> ByteString
Get the signing data related to an X509 message, which is either the cached data or the encoded certificate.
serialization from ASN1 bytestring
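decodeCertificate :: ByteString -> Either String X509
Decode an X509 from a bytestring. The structure is the following: Certificate, Certificate Signature Algorithm, Certificate Signature. Note that the type shows decoding only: no key or trust anchor is passed in, so checking the signature is presumably left to the caller.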
encodeCertificate :: X509 -> ByteString
Encode an X509 certificate to a bytestring.
Distinguished name related functions
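hashDN :: DistinguishedName -> ByteString
Make an OpenSSL-style hash of a distinguished name. This is presumably the value OpenSSL uses to look up certificates by name, so treat it as a lookup key rather than as proof of a certificate's identity.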
hashDN_old :: DistinguishedName -> ByteString
Create an OpenSSL-style old hash of a distinguished name.